Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads
Summary
A malicious Hugging Face repository impersonating an OpenAI release, published as Open-OSS/privacy-filter, recorded approximately 244,000 downloads before it was removed. The namespace was the lure: Open-OSS is unrelated to OpenAI's official Hub organisation, which publishes under openai. The repository delivered infostealer malware to Windows systems through a malicious Python script presented as a legitimate model loader, so the payload ran as soon as a user executed the loader rather than requiring an exploit. Hub download counters include automated and repeated fetches, so the figure is an upper bound on distinct victims, not a count of compromised hosts.
IFF Assessment
This incident is a direct threat to any organisation that pulls models from public repositories. A model download became a code-execution path on developer and data-science workstations, which routinely hold API keys, cloud credentials and access to training data, so a single successful lure can compromise a corporate environment and the sensitive data those hosts can reach. Model repositories receive far less supply-chain scrutiny than package registries, which is what makes the vector attractive.
Defender Context
This incident underscores the growing risk in the AI supply chain: a public model repository is a code distribution channel, and a repository can ship arbitrary Python as loader scripts, as custom model code, or as pickle-serialised weights that execute on load. Defenders should treat model downloads the way they treat third-party packages. Allowlist publisher namespaces and verify the organisation behind a repository rather than its display name (OpenAI's official Hub organisation is openai). Pin downloads to a specific commit hash with the revision parameter so a later push cannot swap the contents. Prefer safetensors weights and refuse pickle-based formats (.bin, .pkl, .pt, .pth, .ckpt) unless they have been scanned for code-execution opcodes. Never set trust_remote_code=True for an unvetted repository, and review every .py file in a repository before anything runs it. On the network side, restrict model fetches to approved namespaces at the egress proxy and hunt proxy logs for fetches of Open-OSS/privacy-filter to identify hosts that may already have run the loader.
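The pre-download checks described above, as an added example in Python that is not code from the original report or from Hugging Face. The trusted-namespace allowlist is a hypothetical organisational policy, the repository listing is constructed to resemble the incident rather than copied from it, and the malicious pickle is hand-built to show what a weight file that runs code on load looks like; it is only parsed, never unpickled.

```python
"""Pre-download checks for a Hugging Face model repository (added example)."""
import collections
import difflib
import pickle
import pickletools
import re

# Hypothetical policy: only these Hub namespaces may be loaded. The one fact
# the example relies on is that OpenAI publishes under "openai" on the Hub.
TRUSTED_NAMESPACES = {"openai", "meta-llama", "google", "mistralai"}

# Weight formats that are Python pickles underneath and execute code on load.
PICKLE_SUFFIXES = (".bin", ".pkl", ".pickle", ".pt", ".pth", ".ckpt")

# Globals that never belong in model weights; one hit is enough to refuse a file.
SUSPICIOUS_GLOBALS = {
    ("os", "system"), ("posix", "system"), ("nt", "system"),
    ("subprocess", "Popen"), ("subprocess", "run"), ("subprocess", "check_output"),
    ("builtins", "exec"), ("builtins", "eval"), ("builtins", "__import__"),
    ("socket", "socket"), ("urllib.request", "urlopen"),
}


def _normalise(name: str) -> str:
    return re.sub(r"[^a-z0-9]", "", name.lower())


def check_namespace(repo_id: str) -> list[str]:
    """Refuse namespaces off the allowlist and call out lookalikes of trusted ones."""
    namespace = repo_id.split("/", 1)[0]
    if namespace in TRUSTED_NAMESPACES:
        return []
    findings = [f"namespace {namespace!r} is not on the allowlist"]
    for trusted in sorted(TRUSTED_NAMESPACES):
        # Heuristic: similarity of at least 0.6 after stripping case and punctuation.
        # "Open-OSS" against "openai" shares the prefix "open" and scores 8/13.
        ratio = difflib.SequenceMatcher(None, _normalise(namespace), _normalise(trusted)).ratio()
        if ratio >= 0.6:
            findings.append(f"namespace {namespace!r} resembles trusted namespace {trusted!r}")
    return findings


def check_files(filenames: list[str]) -> list[str]:
    """Flag repository contents that execute code when the model is loaded."""
    findings = []
    for name in filenames:
        if name.endswith(".py"):
            findings.append(f"{name}: Python file, runs via trust_remote_code=True or as a loader")
        elif name.endswith(PICKLE_SUFFIXES):
            findings.append(f"{name}: pickle-based weights, executes opcodes on load; prefer .safetensors")
    return findings


def pickle_globals(data: bytes) -> list[tuple[str, str]]:
    """List every global a pickle would import, without unpickling it.

    pickletools.genops only parses the opcode stream, so it is safe on untrusted
    bytes. Handles GLOBAL (protocols 0-3) and STACK_GLOBAL (protocol 4+); it does
    not resolve memo lookups (BINGET), so treat an unknown module as a refusal.
    """
    found, strings = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
            strings.append(arg)
        elif op.name == "GLOBAL":        # arg is "module name"
            found.append(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":  # module then name were pushed as strings
            name = strings.pop() if strings else "?"
            module = strings.pop() if strings else "?"
            found.append((module, name))
    return found


def pickle_is_safe(data: bytes) -> bool:
    globals_found = pickle_globals(data)
    return not any(g in SUSPICIOUS_GLOBALS or g[0] == "?" for g in globals_found)


def audit(repo_id: str, filenames: list[str]) -> list[str]:
    return check_namespace(repo_id) + check_files(filenames)


# Constructed inputs for the demo (not taken from the real repository).
SUSPECT_REPO = "Open-OSS/privacy-filter"
SUSPECT_FILES = ["README.md", "config.json", "loader.py", "pytorch_model.bin"]

# Hand-written protocol-0 pickle equivalent to os.system("echo pwned"):
# GLOBAL os.system, MARK, STRING, TUPLE, REDUCE, STOP. Never pickle.loads() this.
MALICIOUS_PICKLE = b'cos\nsystem\n(S"echo pwned"\ntR.'
# Benign pickles: plain containers with no globals, and a protocol-4 stream whose
# only global (collections.OrderedDict) arrives via STACK_GLOBAL and is harmless.
BENIGN_PICKLE = pickle.dumps({"weight": [0.1, 0.2, 0.3]}, protocol=4)
STACK_GLOBAL_PICKLE = pickle.dumps(collections.OrderedDict(a=1), protocol=4)

if __name__ == "__main__":
    for line in audit(SUSPECT_REPO, SUSPECT_FILES):
        print("FINDING:", line)
    print("malicious pickle imports:", pickle_globals(MALICIOUS_PICKLE))
    print("safe:", pickle_is_safe(MALICIOUS_PICKLE), pickle_is_safe(BENIGN_PICKLE))
```

Run it against a local snapshot by passing the repo id and the file list from the repository's file listing; on the constructed input it reports the lookalike namespace, the loader script and the pickle weights, and the opcode scan shows the os.system import that a plain file listing would never reveal.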